Meta

Using Jenkins to run remote deployment scripts over SSH

We use Jenkins to deploy code to multiple servers, so that we can manage builds and deployments from the same (even better if you’re using the Jenkins IRC plugin).

The deployment is done by a parameterized build job, where the parameter is the version of the project that we want to deploy. The job will run remote commands over ssh on servers that you’ve defined in the Jenkins configuration. Those commands will pull down a version of our code, unpack it, and run the rest of the install steps.

First you’ll need to install the Publish over SSH Plugin, which will allow files to be transferred to your servers and remote commands to be run.

Set up the SSH key for remote access of your target servers, in the Manage Jenkins page:

and setup the definitions for each of the servers that you want to deploy to:

Then in the configuration for the new deployment job you’ve set up, you’ll use the “Send files or execute commands over SSH before the build starts” settings in the “Build Environment” section to remotely execute a script to carry out the install steps on each remote server:

Notice that the build parameter “$version” is available to the Exec command that gets remotely executed – other Jenkins environment variables will also be available (e.g. $BUILD_NUMBER, $JOB_NAME etc).

Use the “Add Server” button to add more target servers, with the same Exec command.

Now you can deploy your project (or run any other remote scripts) by running the build job and specifying a version number.

I’m confused about which key to fulfill in the key box.
I’ll deploy a zip file to multiple servers ,
Shall I generate the SSH key from each computer (Linux ) and then paste the private key in the jenkins key box?

@lawrence — no, don’t generate multiple keys. generate a keypair on the (Jenkins) machine you’re sending files *from*, then add the resulting public key (id_rsa.pub for example) into the .ssh/authorized_keys file of the user that’s receiving the files on your remote machines.

in the publish over ssh config, you’ll enter the path to your private key on your jenkins host, not the remote hosts. if your Jenkins user doesn’t have a keypair, you can generate one using ‘ssh-keygen’ command and be sure to _not_ enter in a passphrase.

when your job execs, SSH will use this path to your private key (for ex, /var/lib/jenkins/.ssh/id_rsa) when negotiating with the remote host and it will match it against the remote host’s .ssh/authorized_keys file entry that you made.

Hi,
Can anyone tell me how i can configure jenkins to setup a interactive shell script which at run will ask for deployment server password and the level for which it want to deploy. Please suggest. Thanks in Advance